CVE-2026-56210 – Red Hat Enterprise Linux 10 & Red Hat Hardened Images

CVSS 7.1 IMPORTANT Critical or Zero Day – Immediate Deployment

“A single vulnerable media parser can turn trusted content into a pathway for system compromise.”

Red Hat has released security updates for Red Hat Enterprise Linux 10 and Red Hat Hardened Images to address twelve vulnerabilities affecting GStreamer, libaom, HPLIP, and cifs-utils. The vulnerabilities include heap buffer overflows, out-of-bounds reads and writes, integer overflows, arbitrary memory writes, and improper privilege handling that could allow denial of service, information disclosure, privilege escalation, or remote code execution. The most severe issue, CVE-2026-14544, has a CVSS score of 9.8, which is Critical severity. CVE-2026-52720 has a CVSS score of 8.8 (High), CVE-2026-12505 has a CVSS score of 7.8 (High), CVE-2026-53705 and CVE-2026-56208 each have a CVSS score of 7.6 (High), and CVE-2026-52719, CVE-2026-52722, CVE-2026-53703, CVE-2026-53704, CVE-2026-56209, CVE-2026-56210, and CVE-2026-56211 each have a CVSS score of 7.1 (High).

These updates strengthen input validation, memory boundary checks, privilege handling, and parser logic across multiple multimedia and system components. Several vulnerabilities could potentially lead to remote code execution, while others enable privilege escalation, information disclosure, or denial-of-service attacks when processing specially crafted content. There is no verified public exploitation associated with these vulnerabilities. Applying the updates significantly reduces the risk of system compromise and improves the resilience of affected Red Hat platforms.

Key Details

Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
CWE Classification
CWE-125
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.